Locking down firewall access to limited IP addresses inbound rule, still able to hit SQL with IP outside of rule range

  • Question

  • We have a Windows 2016 server with SQL Server 2014 Standard Edition installed, with the TCP and shared memory protocols enabled. The firewall is open for domain traffic only, and if the domain traffic does not match a rule it is blocked. We set a SQL port rule and set the scope to a list of IP addresses that are allowed. The problem is, the parent company is running the Nessus scanner/penetration tool and it is still able to hit the SQL Server even though the IP is outside the range set in the firewall rule scope. How is that happening? We are running on 1433 and I am guessing that is how it is finding it. Thanks for any info.
    Friday, April 17, 2020 2:45 PM

All replies

  • This is really a firewall question, not a SQL Server question.  SQL Server does not have a firewall.

    Without seeing all the firewall rules, it is impossible to guess.

    • Proposed as answer by Olaf HelperMVP Monday, April 20, 2020 7:06 AM
    • Unproposed as answer by Abeljdang Monday, April 20, 2020 12:59 PM
    • Proposed as answer by ABDBA Tuesday, April 28, 2020 8:30 AM
    Friday, April 17, 2020 5:15 PM
  • Hello Abeljdang,

    I agree with Tom; it is a Windows Firewall question. I have some doubt whether you configured Windows Firewall to restrict access to your server correctly. Please double-check, and you can refer to this blog: How to Create Advanced Firewall Rules in the Windows Firewall

    In terms of SQL Server, you can set up a logon trigger that checks the IP address using sys.dm_exec_connections. For more detail, please see this thread: Restrict an SQL Server connection to a specific IP address

    Hope it will help

    Best Regards

    Dawn



    • Proposed as answer by ABDBA Tuesday, April 28, 2020 8:30 AM
    Monday, April 20, 2020 6:23 AM
  • OK, I will review the above link. The IP it is coming from isn't in question, I have that. Thanks.
    Monday, April 20, 2020 1:00 PM
  • Have you solved the problem? Could you share the workaround, thanks.
    Tuesday, April 28, 2020 8:47 AM
  • The network admin fixed it. He said it had to do with the public and private domains being off, not turned on, and something to do with the network adapter. That's all he told me, but it is now working.
    • Marked as answer by Abeljdang Tuesday, April 28, 2020 12:44 PM
    Tuesday, April 28, 2020 12:44 PM
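
The checks below are an added example, not part of the original thread or anything the posters ran. They assume the accepted answer refers to the Windows Firewall Public and Private profiles and to how the network adapter is categorized; port 1433 comes from the question, and the helper name `Test-PortCovered` is hypothetical.

```powershell
# Added example: audit why a scoped inbound rule for TCP 1433 may not limit access.
# Run in an elevated PowerShell session on the SQL Server host.
$port = 1433   # port named in the question

# Hypothetical helper: does a rule's LocalPort list cover the port?
function Test-PortCovered([string[]]$LocalPort, [int]$Port) {
    foreach ($p in $LocalPort) {
        if ($p -eq 'Any' -or $p -eq "$Port") { return $true }
        if ($p -match '^(\d+)-(\d+)$' -and
            $Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) { return $true }
    }
    return $false
}

# 1. A profile with Enabled = False filters nothing on adapters assigned to it,
#    so a rule's remote-address scope is never evaluated there.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction |
    Format-Table -AutoSize

# 2. Which profile (Domain / Private / Public) each adapter is classified under.
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, Name, NetworkCategory |
    Format-Table -AutoSize

# 3. Every enabled inbound Allow rule that covers the port, with its scope.
#    Allow rules are additive: one rule with RemoteAddress = Any (for example a
#    program rule or an older port rule) admits traffic the scoped rule would not.
Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow | ForEach-Object {
    $pf = $_ | Get-NetFirewallPortFilter
    if ($pf.Protocol -in 'TCP', 'Any' -and (Test-PortCovered $pf.LocalPort $port)) {
        $af = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = $af.RemoteAddress -join ', '
            Unscoped      = $af.RemoteAddress -contains 'Any'
        }
    }
} | Sort-Object Unscoped -Descending | Format-Table -AutoSize -Wrap
```

Rules delivered by Group Policy are not in the default store; add `-PolicyStore ActiveStore` to `Get-NetFirewallRule` to audit the effective rule set.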